10-14-2008 02:57 AM - edited 03-03-2019 11:55 PM
Hi
2 office is site 2 site vpn.
office 1 - london
office 2 - tokyo
from london I want to be able to ping the inside interface of tokyo across the VPN. Can some please tell me how to do this? I tried adding another cryptop acl for icmp but it did not work.
please help
thanks
10-14-2008 03:15 AM
ICMP will be allowed by the "interesting" crypto access-list.
make sure the ACl allows just IP or also ICMP.
This has to be the same for both ends, also check your no-nat to insure you do not have any issues there.
HTH>
10-14-2008 05:04 AM
I have a crypto map applied on both fwalls for icmp
I also have on the tokyo side
icmp permit any inside
icmp permit any echo-reply inside
icmp permit any echo inside
icmp permit any outside
icmp permit any echo-reply outside
icmp permit any echo outside
and on the london side
icmp permit any inside
access-list outside_in extended permit icmp any any echo-reply
need some help here please
10-14-2008 05:10 AM
Post your config's from both devices for review, remove sensitive information.
10-14-2008 05:33 AM
10-15-2008 01:56 AM
resolved myself. mangement network inside is the command that you need to achieve this
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide